package com.projectmanagement.server.service.auth;

import org.springframework.stereotype.Service;
import org.springframework.util.ObjectUtils;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

/**
 * @description
 * @author 星空梦语
 * @date 2021/3/9 下午4:08
 */
public class AuthFilter  implements HandlerInterceptor {

    /**
     * @description
     * @author 星空梦语
     * @date 2021/3/9 下午4:08
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException {
        System.out.println("session验证、。。。");
        HttpSession session = request.getSession();
        String urlString = request.getRequestURI();
        if( !urlString.endsWith("login") && !urlString.endsWith("registerUser")){
            if (ObjectUtils.isEmpty(session.getAttribute("auth"))) {  //请求session中不存在登录标识则返回401
                response.setStatus(401);
                return false;
            }
        }
        return true;
    }


}
